Ciao,
Fri, Nov 12, 1999 at 02:10:25PM +0100, Russell Coker wrote:
> Can the people who make the policy please consider putting in place a policy
> regarding packages which often have security problems. If such a package can
> be run as non-root then IMHO the default proceedure suggested by policy
> should be to run in that fashion.
> While we are at it, for most usage sendmail can run as non-root. Could we
> have it default to non-root too?
I suggested many months ago that it would be nice to have critical packages
compiled both as standard compiler and one stackguarded. Bind is one of
them, IMHO. It would be not a big work for maintainer, just to change PATH
to allow execution of the first or the second compiler, but a big
enhancement in both security and debian's image...don't tell me about loss
in performance...someone who break in the system as root is surely worst
than a small amount of CPU.
--
Bye
+--------+ Maybe you are searching for freedom
| Enrico | Maybe you can't find it anywhere
+--------+ I found it in linux.......
,,,
(o o)
----------------------------oOO-(_)-OOo-----------------------------
Easynet S.r.l. Via Trainotti, 6 37121 Verona http://www.easynet.it
----------------------------oOo-----oOo-----------------------------
There is no world without Verona walls,
But purgatory, torture, hell itself.
[Shakespeare: Romeo and Juliet - Act III - Scene III]
--
Bye
+--------+ Maybe you are searching for freedom
| Enrico | Maybe you can't find it anywhere
+--------+ I found it in linux.......
,,,
(o o)
----------------------------oOO-(_)-OOo-----------------------------
Easynet S.r.l. Via Trainotti, 6 37121 Verona http://www.easynet.it
----------------------------oOo-----oOo-----------------------------
There is no world without Verona walls,
But purgatory, torture, hell itself.
[Shakespeare: Romeo and Juliet - Act III - Scene III]